I've had trouble accessing websites that use a certificate that's signed with the DigiCert Root CA. As an example, if I open up blog.mozilla.org, I get a SEC_ERROR_UNKNOW… (閱讀更多)
I've had trouble accessing websites that use a certificate that's signed with the DigiCert Root CA. As an example, if I open up blog.mozilla.org, I get a SEC_ERROR_UNKNOWN_ISSUER.
This is somehow related to my user profile. If I create a new profile, the problem disappears.
I've tried deleting cert*.db in my profile directory to no avail. I checked about:config and I couldn't find any relevant non-default configuration.
To my surprise, if I want to manually set the trust of the certificate in the certificate manager ("Edit Trust"), it tells me that the certificate is trusted. However, if I click on "View Certificate", I get the following error: "Could not verify this certificate because the issuer is unknown."
I don't know much about CAs, but it seems to be surprising how the issuer of a Root CA could be unknown, isn't that the whole point of a Root CA that it does not need to be signed by another certificate?
The more important question: Where in my profile may I have a non-default option that causes Firefox to not trust the DigiCert Global Root CA?